961 Results for:CVE

  • Sort by: 

Citrix NetScaler users told to patch new zero-day urgently

By Alex Scroxton 24 Jul 2023

A vulnerability disclosed and patched last week by Citrix appears to be being exploited by China-backed threat actors as a zero-day, prompting warnings from government cyber bodies Read More

Onapsis researchers detail new SAP security threats

By Arielle Waldman 09 Aug 2023

At Black Hat 2023, Onapsis researchers demonstrated how attackers could chain a series of SAP vulnerabilities impacting the P4 protocol to gain root access to a target network. Read More

Mandiant: New VMware ESXi zero-day used by Chinese APT

By Alexander Culafi 13 Jun 2023

VMware said the ESXi flaw was 'low severity' despite being under active exploitation because it requires the attacker to already have gained root access on the target's system. Read More

CISA: Volt Typhoon had access to some U.S. targets for 5 years

By Arielle Waldman 07 Feb 2024

A joint cybersecurity advisory expanded on the Volt Typhoon threat Wednesday, confirming attackers maintained prolonged persistent access to critical infrastructure targets. Read More

Fortinet warns critical VPN vulnerability 'may' be under attack

By Arielle Waldman 13 Jun 2023

Fortinet said the heap buffer overflow flaw might have been exploited already and warned that Chinese nation-state threat group Volt Typhoon would likely attack the vulnerability. Read More

Alert sounded over dangerous Cisco IOS XE zero-day

By Alex Scroxton 17 Oct 2023

Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems Read More

Forescout uncovers 21 Sierra Wireless router vulnerabilities

By Arielle Waldman 06 Dec 2023

Forescout is urging enterprises to patch software for affected OT/IoT routers as attackers increasingly target edge devices to gain network access to critical infrastructure. Read More

Secure Boot vulnerability causes Patch Tuesday headache for admins

By Alex Scroxton 10 May 2023

Applying the fix for a security bypass zero-day affecting the Windows Secure Boot feature will be a long process that will drag into 2024, but for good reason, says Microsoft Read More

US SEC launches probe into mass MOVEit breach

By Sebastian Klovig Skelton 13 Oct 2023

Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations ... Read More

Microsoft repairs 5 zero-days for July Patch Tuesday

By Tom Walat 11 Jul 2023

The company addressed 130 vulnerabilities and provided additional instructions to fully resolve several bugs, which will require extra attention from IT this month. Read More